Security issue
Christian Marangi (Ansuel)
ansuelsmth at gmail.com
Tue Oct 21 12:09:56 PDT 2025
Il giorno mar 21 ott 2025 alle ore 21:07 <criticskate at protonmail.com>
ha scritto:
>
> Per openwrt[.]org/docs/guide-developer/security, I emailed contact at openwrt dot org to report a security issue yesterday. The page also states "in case you do not get an answer or it is important please use our public mailing list". I do not agree with the idea that security issues should be disclosed on a public mailing list, so I am simply stating here that it would be wise for whoever has access to the contact@ email to check the report.
>
> To be clear, the vulnerability I've reported is complex and would require unusual circumstances to exploit in practice, so it is not a critical issue. However, it would be ideal to check on the report and possibly fix it as the fix is not too complicated.
>
Thanks for the report!
Just to make it clear, "in case you do not get an answer or it is
important please use our public mailing list" we intend to say that
you would warn us not
disclose it publicly (just as you did).
More information about the openwrt-adm
mailing list